Cellebrite UFED 6.1...
 
Notifications
Clear all

Cellebrite UFED 6.1 and Advanced ADB

7 Posts
5 Users
0 Likes
1,631 Views
Goovscoov
(@goovscoov)
Posts: 11
Active Member
Topic starter
 

Hi all,

As some of you may know, Cellebrite Released UFED version 6.1 for their products.

Release notes http//www.cellebrite.com/Releases/MobileForensics/UFED6.1_ReleaseNotes_EN.pdf

In this new version they introduced something they call "Advanced ADB. Which they state that they have a new way to make a physical extraction from android devices up to version 7.1 with security patches until november 2016.

How they do it?

Basically wat this means is that with Advanced ADB, you push a tool to the mobile phone from you UFED device.
You un-mount your mobile phone from you UFED device. Attach the new OTG kabels (OTG 508 & 501) to the phone, attach your storage devices (has to be FAT32, exFAT or vFAT).
Run the tool and make the extraction.

I haven't received the cables yet so I was wonder if anyone already has tested this method? If so, what are your experience?

 
Posted : 21/04/2017 2:05 pm
(@principle3notes)
Posts: 4
New Member
 

Dropped you a PM

 
Posted : 25/04/2017 12:32 am
(@pacman91)
Posts: 4
New Member
 

I'd love to know how this works and other people's experience - please drop me PM )

 
Posted : 25/04/2017 4:27 pm
(@si666)
Posts: 28
Eminent Member
 

Looking at the release date and the fact that it uses an exploit which was patched in Nov 16 i would guess they are using the "dirty cow" exploit to gain root.

 
Posted : 25/04/2017 10:27 pm
(@si666)
Posts: 28
Eminent Member
 

I'm guessing by the fact that it utilises an exploit which was patched in Nov 16 that they are using Dirty Cow.

 
Posted : 25/04/2017 10:34 pm
Mreza
(@mreza)
Posts: 84
Trusted Member
 

We got the cables rather quickly and we've tested few of the models that weren't directly supported (as generic models) and everything went well, meaning we didn't experience any issues.

https://twitter.com/detektiv_mreza/status/855719615799971841

Also, I'm interested if there is a way to do a data extraction to a USB flash drive while charging the phone at the same time (except Cellebrite's Phone Power-up Cable).

 
Posted : 25/04/2017 11:56 pm
Goovscoov
(@goovscoov)
Posts: 11
Active Member
Topic starter
 

We got the cables rather quickly and we've tested few of the models that weren't directly supported (as generic models) and everything went well, meaning we didn't experience any issues.

https://twitter.com/detektiv_mreza/status/855719615799971841

Also, I'm interested if there is a way to do a data extraction to a USB flash drive while charging the phone at the same time (except Cellebrite's Phone Power-up Cable).

Thats nice to hear!
Did you got any change to check the footprints of the tool on the devices when using the cable method? I heard that when you choose for the SD card method, the tool installs on the SD card. And no footprints will be left on the device itself(after cleaning up). With the cable its a different story ( I guess it loads in memory and then to the attachted USB-drive via the OTG cables.)

Would love to hear if you had any change to inspect that! D

 
Posted : 26/04/2017 11:25 am
Share: